Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32643a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a32643a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: OEZl376DrCsFU7qtJ3NW3IzAON94CZp87OVz26yHiJk=
Subject key identifier: F3:EF:45:EF:0E:56:02:B4:4D:E9:38:6D:3F:F5:E9:AA:D8:1E:5D:16
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 64DC3277B7118E537074E2C0976151EDC2676EE6
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32643a3a2f34382d3438203d3e20323033303639.roa
Signing time: Fri 20 Jan 2023 16:33:49 +0000
ROA not before: Fri 20 Jan 2023 16:28:49 +0000
ROA not after: Fri 19 Jan 2024 16:33:49 +0000
asID: 203069
IP address blocks: 2a05:dfc5:2d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:dc:32:77:b7:11:8e:53:70:74:e2:c0:97:61:51:ed:c2:67:6e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Jan 20 16:28:49 2023 GMT
Not After : Jan 19 16:33:49 2024 GMT
Subject: CN=F3EF45EF0E5602B44DE9386D3FF5E9AAD81E5D16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9b:e6:37:34:c6:85:3b:f3:ce:d5:76:84:ca:
36:6d:17:b3:de:ce:cf:83:5b:3c:87:d9:51:35:a6:
2f:87:3c:5a:1c:dc:1f:c7:f3:d2:cb:b5:f7:dd:3d:
a7:24:da:c6:ef:a7:7b:e9:b9:a1:dc:f0:fc:87:f5:
c6:67:53:f1:cf:35:37:60:b7:33:53:25:ae:1f:f1:
9a:0e:3b:ed:55:13:16:55:a5:3e:59:d4:fc:47:64:
17:ea:ae:2d:02:b7:37:ef:cf:38:23:75:a8:46:23:
aa:c4:37:c4:fe:8b:ce:5d:16:bf:fb:2c:00:3d:37:
51:4a:f5:91:01:26:2a:37:c8:b3:15:ec:08:01:0b:
59:33:4d:d6:84:f3:38:50:dd:74:1f:28:6b:57:a5:
58:83:dc:9a:e9:be:02:0f:f2:b0:f6:51:f4:d4:4c:
89:a5:e8:2d:c3:c8:08:60:d9:8e:64:bd:59:88:fc:
63:79:68:ca:4a:da:bd:d9:7c:94:7b:50:03:4a:24:
68:24:9d:fa:b5:7e:1c:55:af:2c:bf:eb:6d:08:77:
8d:9a:2c:eb:80:5a:77:c9:57:f9:aa:21:b0:79:83:
ee:3b:30:2c:0f:08:39:3a:c4:86:b6:7f:8d:f7:0a:
4c:3c:89:cc:d6:9b:9f:92:0f:c5:0d:c9:5f:5a:75:
18:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EF:45:EF:0E:56:02:B4:4D:E9:38:6D:3F:F5:E9:AA:D8:1E:5D:16
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32643a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:2d::/48
Signature Algorithm: sha256WithRSAEncryption
8f:42:66:86:91:0f:5f:e0:c6:f7:66:15:c5:c8:22:83:04:91:
1a:fa:83:5d:15:4c:98:6f:f2:45:5a:c6:1c:5e:69:8e:51:6e:
cc:79:6b:24:49:f1:63:6f:a1:c9:e4:f8:51:b2:89:b2:0d:f3:
8a:c1:1b:e0:19:27:d3:a9:12:65:b2:73:06:81:01:02:ef:e9:
8e:e9:83:f3:6a:4c:1e:09:f7:cf:47:56:e1:4d:86:4a:51:61:
9c:0a:0c:ab:01:c0:0f:86:4e:5b:61:e8:9b:ab:64:70:0f:c0:
b7:49:88:8e:6b:97:43:c6:60:c5:c9:98:df:15:b0:fa:fa:29:
a9:6a:41:cb:cd:f8:60:13:a7:75:7a:33:9b:cf:ea:8a:46:4b:
d1:c1:57:a8:c9:64:86:78:8e:4a:a9:32:f3:5e:b5:33:8a:f8:
9b:77:97:5d:85:05:4d:7c:a0:a9:58:4d:0f:ea:b1:82:c3:2c:
9e:b1:e1:12:2a:aa:da:c6:9b:34:75:d5:8d:1e:77:16:c7:4b:
45:63:12:e3:93:4a:62:55:9d:5e:93:81:26:cd:d6:51:60:52:
27:93:06:10:65:07:d7:8a:ae:14:2b:94:40:84:05:17:c3:6f:
a1:bb:a7:6e:dc:d0:b0:67:2f:56:ba:2e:48:f4:0c:08:77:ec:
99:f0:fa:16
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUZNwyd7cRjlNwdOLAl2FR7cJnbuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjI4NDlaFw0yNDAxMTkxNjMzNDlaMDMxMTAvBgNV
BAMTKEYzRUY0NUVGMEU1NjAyQjQ0REU5Mzg2RDNGRjVFOUFBRDgxRTVEMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTm+Y3NMaFO/PO1XaEyjZtF7Pe
zs+DWzyH2VE1pi+HPFoc3B/H89LLtffdPack2sbvp3vpuaHc8PyH9cZnU/HPNTdg
tzNTJa4f8ZoOO+1VExZVpT5Z1PxHZBfqri0CtzfvzzgjdahGI6rEN8T+i85dFr/7
LAA9N1FK9ZEBJio3yLMV7AgBC1kzTdaE8zhQ3XQfKGtXpViD3JrpvgIP8rD2UfTU
TIml6C3DyAhg2Y5kvVmI/GN5aMpK2r3ZfJR7UANKJGgknfq1fhxVryy/620Id42a
LOuAWnfJV/mqIbB5g+47MCwPCDk6xIa2f433Ckw8iczWm5+SD8UNyV9adRj/AgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQU8+9F7w5WArRN6ThtP/XpqtgeXRYwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQAtMA0GCSqGSIb3DQEBCwUAA4IBAQCPQmaGkQ9f4Mb3ZhXFyCKD
BJEa+oNdFUyYb/JFWsYcXmmOUW7MeWskSfFjb6HJ5PhRsomyDfOKwRvgGSfTqRJl
snMGgQEC7+mO6YPzakweCffPR1bhTYZKUWGcCgyrAcAPhk5bYeibq2RwD8C3SYiO
a5dDxmDFyZjfFbD6+impakHLzfhgE6d1ejObz+qKRkvRwVeoyWSGeI5KqTLzXrUz
ivibd5ddhQVNfKCpWE0P6rGCwyyeseESKqraxps0ddWNHncWx0tFYxLjk0piVZ1e
k4EmzdZRYFInkwYQZQfXiq4UK5RAhAUXw2+hu6du3NCwZy9Wui5I9AwId+yZ8PoW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org